Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
File: 16e3842c-0679-4aa3-bd71-e66ff760467d.roa (raw, json)
Hash identifier: BVIhqE6fyjBszFK9h6eKEoHI8LnWU5yGaHhafvFX5kA=
Subject key identifier: 33:A9:D1:E3:A2:3D:3B:F2:50:58:FE:AA:82:52:0F:86:08:83:7B:3D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A5842577B59533EC1C716965D1F2BF1AFAA36E0
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
Signing time: Mon 18 Nov 2024 00:00:00 +0000
ROA not before: Mon 18 Nov 2024 00:00:00 +0000
ROA not after: Mon 23 Dec 2024 23:59:59 +0000
asID: 8987
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:58:42:57:7b:59:53:3e:c1:c7:16:96:5d:1f:2b:f1:af:aa:36:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 18 00:00:00 2024 GMT
Not After : Dec 23 23:59:59 2024 GMT
Subject: serialNumber=9406ebfb2d30a68a32ec8671588bae282e691f3a1bc8497ca6c697f315aeffc9, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8d:d5:e4:d8:e4:be:13:a3:7b:14:d1:80:df:
39:0e:eb:ce:c9:de:f3:57:e9:21:3b:f9:a6:93:78:
80:26:39:61:d1:ad:9f:88:77:e4:ba:ab:4a:aa:83:
53:2e:10:24:3a:1d:55:4c:75:ac:ad:20:50:aa:5f:
09:f4:87:16:15:9c:e3:6d:c7:3b:fa:c7:2f:69:f0:
2e:91:ef:0b:9c:2f:34:d8:12:f1:29:47:b3:8a:b1:
49:31:de:07:54:bc:10:1a:7d:47:e0:f6:d6:0d:42:
d1:5d:27:53:8f:80:32:35:f1:63:fa:13:43:5d:95:
3b:c9:ab:a0:7e:de:20:d1:0a:14:b0:2d:16:1d:79:
c7:36:13:1a:36:92:90:b5:9c:c6:b2:c2:b1:94:69:
97:f9:cf:1d:44:b6:3b:aa:f5:88:85:da:02:e1:f4:
1b:b9:ed:88:e1:ae:16:a8:85:0d:f9:0a:30:40:ea:
5c:33:c2:6d:d1:19:ce:a3:96:6e:9c:ea:d7:77:aa:
85:c7:fd:c6:e5:97:82:2c:89:f2:7c:3f:e8:8f:d8:
f5:07:e5:2f:3b:e1:79:3a:6c:ff:e8:8a:b7:1a:fe:
6e:0a:92:92:36:d0:90:44:ee:a4:16:ed:2c:92:8f:
7d:3f:c2:8e:e0:31:61:eb:5a:e8:3a:fa:8c:dd:98:
7b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A9:D1:E3:A2:3D:3B:F2:50:58:FE:AA:82:52:0F:86:08:83:7B:3D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/16e3842c-0679-4aa3-bd71-e66ff760467d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:6d:a4:c1:16:47:f1:50:c6:b2:8f:38:04:f5:3c:27:32:a8:
6f:fd:13:bd:c0:3b:38:10:1b:fe:d1:c4:54:d3:9a:8f:9a:c8:
18:b5:e9:91:53:30:b8:69:e2:87:e5:28:86:c0:c5:31:fd:46:
3a:b8:7a:7e:ab:c9:0b:74:77:67:ea:fd:c8:a4:fd:55:2a:fe:
1c:19:85:ba:db:a9:0b:86:82:75:e4:42:37:d9:fa:d7:3a:cb:
01:43:ee:99:ae:e9:3f:a1:23:8d:0e:61:5a:bf:f2:05:b5:47:
8c:96:01:3e:bc:a1:28:3a:f1:39:a2:3c:ed:52:f4:45:59:53:
6a:46:ef:08:0c:e6:19:72:44:49:08:f1:95:8d:ac:60:a7:1c:
8e:4c:e8:fa:f3:01:40:5f:a7:8c:f1:d3:d9:c1:bb:bc:4a:cc:
29:9d:39:5f:c7:0a:3a:26:e3:93:2b:62:11:eb:f7:d2:ae:38:
8b:d4:61:29:ea:c3:4c:cd:b3:a7:71:16:17:56:db:09:40:a2:
b8:84:8d:55:e9:cc:0a:f2:48:bd:0c:26:fa:c8:4a:48:51:1b:
48:86:9a:c7:0e:7c:83:b8:8f:e8:50:7b:d6:58:ec:05:f9:af:
bc:60:6b:f6:48:ab:4b:84:2f:73:bb:cc:8e:b6:f7:88:47:a2:
f9:70:cc:3f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOlhCV3tZUz7BxxaWXR8r8a+qNuAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMTgwMDAwMDBaFw0yNDEyMjMyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0MDZlYmZiMmQzMGE2OGEzMmVjODY3MTU4OGJhZTI4MmU2OTFmM2ExYmM4
NDk3Y2E2YzY5N2YzMTVhZWZmYzkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+N1eTY5L4To3sU0YDfOQ7rzsne81fpITv5ppN4gCY5YdGtn4h35LqrSqqD
Uy4QJDodVUx1rK0gUKpfCfSHFhWc423HO/rHL2nwLpHvC5wvNNgS8SlHs4qxSTHe
B1S8EBp9R+D21g1C0V0nU4+AMjXxY/oTQ12VO8mroH7eINEKFLAtFh15xzYTGjaS
kLWcxrLCsZRpl/nPHUS2O6r1iIXaAuH0G7ntiOGuFqiFDfkKMEDqXDPCbdEZzqOW
bpzq13eqhcf9xuWXgiyJ8nw/6I/Y9QflLzvheTps/+iKtxr+bgqSkjbQkETupBbt
LJKPfT/CjuAxYeta6Dr6jN2Ye9kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQzqdHj
oj078lBY/qqCUg+GCIN7PTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTZlMzg0MmMtMDY3OS00YWEzLWJkNzEtZTY2ZmY3NjA0NjdkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQBlbaTBFkfxUMayjzgE9TwnMqhv/RO9wDs4EBv+0cRU
05qPmsgYtemRUzC4aeKH5SiGwMUx/UY6uHp+q8kLdHdn6v3IpP1VKv4cGYW626kL
hoJ15EI32frXOssBQ+6Zruk/oSONDmFav/IFtUeMlgE+vKEoOvE5ojztUvRFWVNq
Ru8IDOYZckRJCPGVjaxgpxyOTOj68wFAX6eM8dPZwbu8SswpnTlfxwo6JuOTK2IR
6/fSrjiL1GEp6sNMzbOncRYXVtsJQKK4hI1V6cwK8ki9DCb6yEpIURtIhprHDnyD
uI/oUHvWWOwF+a+8YGv2SKtLhC9zu8yOtveIR6L5cMw/
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:28 2024 by rpki-client on console-fra.rpki-client.org